tech

WMITA Unplugged Event - "Open Source is Winning"

Last night saw me taking a long-ish trek out to the West (near Telford) to present at a WMITA event. The event was held in a debating-style format, with me supporting the motion "This house believes that open source is winning". After I thought about it for a while, I realised I didn't really understand the motion, and spent my speech moulding it into what I would have preferred as a motion:

This house believes that those companies which make the most effective use of open source will be the ones which win.

Which I do believe. It was a fun debate with a nice bunch of people (mainly .NET programmers, which in itself was interesting), and I kind of "won": we had a vote for/against the motion before we started the debate, at which 31% were for, 31% against, and 38% didn't know; after the debate, for was up to 50%, against 31% and don't know down to 19%. If I convinced one person, I consider it a victory.

There is a report about the event online now.

The notes I used as the outline for my talk are attached below.

Open source for normal people

The BBC ran an edition of its Click on open source on Saturday. The RealPlayer feed is available from the BBC website. It's fairly interesting, low-level stuff: you know, here's a load of free software ("free" as in beer) you can use instead of that expensive proprietary stuff. There's an interview with Mark Shuttleworth of Canonical (those folk behind Ubuntu) where he talks about space more than software, but reasonably interesting. (I find this programme quite quaint, as they still have a "best websites of the week" section, and it is very English and slightly patronising in places (if you're a techie).)

Drupal in the West Midlands

At OpenAdvantage we are starting to see more and more enquiries about support for Drupal. Often this will be from companies who've started using Drupal but need some work done on customisation; or a company that's seen Drupal in action elsewhere but lacks the technical skill for implementation. They are often looking for a local company to support their work, and ask for suggestions. I end up scouring the Drupal services page for UK companies, but it's not very often I see any West Midlands companies.

If you are a Drupal company based in the West Midlands region and are looking for consultancy work, please let me know in the comments so I can pass your details on. I've had enquiries from three different organisations in the past month, to give you an idea of the levels of interest. For the record, here's a list of compiled; note that these are not recommendations, just companies I know of who work with Drupal in the UK:

Open Source Showcase at OpenAdvantage - line up

I've been putting together an event bringing together companies and enthusiasts in the West Midlands, where they will be doing short talks about how they're using open source. The full flyer is available at:

http://www.openadvantage.org/events/20070620_open_source_showcase

The event's at the NTi in Birmingham on the 20th June: please sign up through the link above. It's FREE.

I've now got a preliminary speaker list for this event, too (each talk will be a zippy 10 minutes):

  1. Richard Johnson, PixelPlanet Ltd.: Plone for corporate websites
  2. Ian Moore, Friends of the Earth (Birmingham): Edubuntu and thin clients
  3. Jake Stride, Senokian: Enterprise Groupware System
  4. Claire Wozencroft, C2B2: iPoint portal
  5. William Giddings: open source applications with Tcl/Tk
  6. Richard Zybert, Zybert Computing: Z1 Gem Server
  7. Dave Jones, XDM Software: Moodle

If you're interested in speaking, there are still a couple of spaces available. Drop me an email at my name (elliot) at my organisation (openadvantage.org) if you'd like to participate as a presenter. The aim is to hear about how companies and organisations are using open source, rather than sales pitches, but it puts your company in front of a crowd of interested listeners.

It's been great for me already, hearing about projects I wasn't aware of. It will be a good event. Unlike events like LUGRadio Live (which is great, by the way), this one will be focusing on West Midlands open source people and will include quite a few SMEs who make money using and producing open source.

Downloading lots of stuff at once with Firefox

I use eMusic to satisfy my insatiable desire for music. It's great. However, you have to download each track individually: there's no way to get a whole album at once (at the moment). In Firefox, I found I could only download two tracks at a time; this meant it took quite a long time to download 10 tracks, say, as I could only have two downloads going at once.

I always thought this was down to eMusic, but it occurred to me today that it's probably a Firefox setting. Lo and behold, it is a Firefox setting. If you want to fix your browser to allow more than two simultaneous downloads over HTTP, do the following:

  • Open up the URL about:config by typing it in the address bar and clicking the green arrow. This shows you all your Firefox settings.
  • In the Filter text box, type connections to just show options relating to connections.
  • I've got four settings, so I set all four to 12. Might seem excessive, but better to be safe than sorry. (To modify a value, right-click on it, select Modify and enter your new value). Here are the properties I changed:
    • network.http.max-connections
    • network.http.max-connections-per-server
    • network.http.max-persistent-connections-per-proxy
    • network.http.max-persistent-connections-per-server

I can now have 10 or so downloads running concurrently (the first typically finishes before I've got round to starting number 11!). Much better. This might even speed up standard web browsing, as you can download far more files from a single server at the same time. (Though I don't know whether setting it too high might make it look like you're trying to launch a denial-of-service attack or something.)

To further improve your download experience, I recommend the Download Statusbar for Firefox. Peachy.

Rails configuration: I'd rather do XML situps than hunt through dozens of files

Update: Shahid (see comments) mentioned that this functionality, or something very much like it, has been introduced in edge Rails. Not sure how I missed that, as I do read Ryan's blog. So it could be that my rant was misplaced.

This is something that's been bothering me for a while. In the early days of Rails, much was made of the simplicity of configuration: no big XML files like you have for Java Enterprise applications; just a database.yml file and a handful of simple environment options. But it's occurred to me that this is no longer true.

Take a look at the new video for the MOle, a plugin for monitoring your Rails application in real time; I'm not talking about the plugin itself, rather the configuration files which are shown in the video. They are full of chunks of Ruby code for setting constants for use in the application, plus some other bits for working out whether localization is available.

Or have a look at the caboose sample Rails application, a neat integration of several plugins plus some Rails best practices into a template application. It's a nice application, with lots of great ideas, but that's not my point. Have a look at the environment.rb file and you notice things like this:

ASSET_IMAGE_PROCESSOR = :image_science || :rmagick || :none
...
ExceptionNotifier.exception_recipients = %w( your_email@test.com )

i.e. Ruby code to configure the various plugins and Rails components.

Or have a look at the environment.rb file for Typo. Again, a great piece of software; but the configuration file contains a multitude of options, extra load paths, checks for capabilities, setting up of constants and environment variables, etc..

My point is: there isn't "one true way" to configure Rails applications. Yes, Rails has dispensed with XML configuration files; but as the complexity of available plugins, libraries and capabilities has increased, the infrastructure for managing them hasn't kept up. We are reduced to configuring a ton of options in environment.rb and other places (e.g. app/controllers/application.rb for the session key, plugin-specific YAML files in config), none of which is particularly well documented. If you want to set up constants for your application, there is no right way to do it: you just do it how you like. This is all well and good, but makes it very hard for beginners to get their head round, and puts you back into a position not that far from configuring a PHP application in the raw.

My suggestion: some central mechanism for storing constants without having to resort to coding them in Ruby (maybe a constants.yml file); some mechanism for declaring a list of libraries you want to load without resorting to conditional require statements (e.g. a libraries.yml file which lists dependencies and provides a neat Ruby-ish syntax for reacting to error conditions); better documentation for the configuration options you can set for the various Rails libraries and a single YAML file for setting them (e.g. rails_config.yml); a standard mechanism for configuring plugins via YAML files (e.g. <plugin>_config.yml). Maybe there's a plugin already out there I don't know about that can do this...

I know this would take us away from simplicity into J2EE land: but one thing you can say about Java web applications is that there is far more consistency in how they are packaged, making them easier to deploy and their configuration more transparent. Now that Rails is becoming a complex beast, it might be time to put some structure back in.

Securing the Windows operating system

As the resident IT person among my friends and family, as well as being an IT advisor at work, and despite me hardly ever using Windows, I still get quite a few phone calls asking me about securing Windows, cheap or free software for Windows, configuring wireless on Windows, etc.. I'm sure many of you are in the same boat. Anyway, I read a really useful article in the Guardian (by Jack Schofield) last week which covers a lot of the "how do I secure my Windows installation?" style questions. Here are the salient points (plus a few of my own), which should act as a checklist for me (and hopefully you too) when answering those support-desk style calls:

  • If you're using broadband, get a proper router with NAT and a built-in firewall, rather than just a modem.
  • Make sure you use Windows Update to keep your system patched.
  • Use Firefox instead of Internet Explorer.
  • If you insist on Internet Explorer, use version 7 (Windows XP Service Pack 2 or Vista).
  • Use Thunderbird instead of Outlook Express. This will also help with junk.
  • Use a firewall.
    • The one which comes with Windows is OK.
    • Kerio Personal firewall by Sunbelt Software is Jack's recommendation. There is a free (feature-hobbled) version or a full version which costs $19.95. It works with Windows 2000 or XP.
  • Use an anti-spyware program.
    • Spybot Search and Destroy works well but has quite a complicated interface.
    • Grisoft's Anti-Malware product (which also does anti-virus) is Jack's recommendation. There is a free version which doesn't have all the features (including on-access scanning - i.e. you have to explicitly run the free version for it to detect spyware).
  • Use an anti-virus program.
    • There is a free (not open source) product made available by AOL called ActiveVirusShield (for Windows 98, 2000, ME and XP).
    • Open source ClamWin: but this is an on-demand scanner (you have to explicitly run it on files, so it won't automatically scan things you download).
    • Winpooch (mentioned in the comments) is an open source tool which integrates with ClamWin to offer anti-virus, anti-spyware and anti-malware. (Might give that a try myself.)
    • Grisoft's Anti-Malware includes an anti-virus.
    • Housecall is a free online tool which you could use periodically for extra peace of mind.
  • If you're using anti-virus and anti-spyware, make sure you keep them up to date with new virus/spyware signatures.
  • Jack mentions a tool called Cyberhawk which is a so-called HIPS (Host Intrusion Prevention System). There is another tool called Winsonar which keeps an eye on system processes and alerts you to unusual new activity.
  • Turn off non-essential services. I normally do this for people, starting with Messenger (which is responsible for those annoying desktop popups advertising porn and college diplomas). I also turn off Computer Browser, Net Logon, Remote Access Auto Connection Manager, Remote Access Connection Manager, Remote Desktop Help Session Manager, RPC Locator, Server, and Terminal Services (if possible).
  • Keep backups. Please.
    • Buy a big USB disk. Most come with backup software these days. Make sure you back up important things regularly. If you can afford it, buy two disks, and keep two backups. If you've got the patience, copy really important stuff to CD periodically.
    • Online backup is a good idea too. Chris (see comments) suggests Mozy. For the technically-inclined, Strongspace is good. I rolled my own using a cheap Dreamhost account (get a cheap Dreamhost account of your own using my referral code). It might be hard to implement on Windows, however.

You could also check out this resource which lists loads of other free tools.

Disclaimer: I take no responsibility for any issues you might experience with any of this software or which arise after you follow my suggestions.

Oh happy day

EMI releasing music without DRM. Finally, someone has woken up to the future. I was very happy when I heard about this on the news: yes, it's AAC, and yes, they're more expensive (unless you buy a whole album), but it's a brilliant start. I could even use the service, as I have the facilities to convert from AAC to Ogg or MP3. So there's potentially one new customer already (providing the iTunes store is accessible via Linux; or if I can get it running on Windows under VMware).

Hopefully this will also put pressure on companies like eMusic to offer more tracks on their subscription plans: so far they've made a virtue of offering DRM-free music, but haven't been able to offer many mainstream acts. They recently lowered the number of downloads on their plans for new users, which I thought was a terrible idea. Maybe once iTunes and the like offer DRM-free music, eMusic will have to up the downloads for subscribers if they want to stay in the game.

I agree with Dave Thomas: don't pretend HTML forms support PUT and DELETE

Dave Thomas writes about a thing he's calling RADAR. His point seems to be that bending an HTML front-end into shapes so it can "pretend" to do all the HTTP verbs (PUT, GET, POST, DELETE), when in fact it can only do two (GET, POST), is daft. I've always thought this about how REST-ful Rails contorts HTML forms using hidden fields to mock PUT and DELETE. Daft.

Dave's point is that we should be writing properly REST-ful back-end servers, which we then put a thin veneer of HTML application in front of. Funnily enough, I was writing about the same idea (a REST-ful, Atom-like back-end, with different HTML client front-ends) in October 2005; in fact, I was talking about applications structured like this in 2004 (it's just I'm not Dave Thomas, so nobody listened to me). I'm glad Dave's come up with a name for this and popularised the idea. It seems to me the way all web applications should be written. (By the way, I never got beyond planning for my ecommerce platform, but I've still planning to write an application architected this way as my next project.)

Showing validation errors for "belongs_to" drop-down boxes in Rails

Update: See the comments for an explanation of why I'm not doing validates_presence_of :project_id (instead of validates_presence_of :project). I'm prepared to be proved wrong on my assertions there, but they seem to hold up to my testing.

A common Rails pattern is to have two models with a has_many/belongs_to association, e.g.

class Task < ActiveRecord::Base
  belongs_to :project
  validates_presence_of :project
  validates_associated :project
end

class Project < ActiveRecord::Base
  has_many :tasks
  validates_presence_of :name
end

Then in the form for creating/editing a task, you might provide a drop-down box to select the associated project in the view, and display project error messages underneath it:

<p>Project: <%= collection_select :task, :project_id, Project.find(:all), :id, :name %></p>
<%= error_message_on :task, :project %>

Now if you try to save a task, you'll get the appropriate error message if you fail to select a project; also, if an invalid project gets assigned (e.g. invalid URL or incomplete Project instance), you'll get a validation error. I think this in uncontroversial.

BUT

If an error occurs on the project associated with the task, although you get an error message in the view, the drop-down box isn't highlighted (as it is with other fields). This is because the highlighting is done by looking at the errors object associated with the task, finding errors for any fields in the form with the same name, then altering the HTML for that field. So if there is an error for description and there's a field called task[description], that field gets an extra HTML <div> wrapped round it, e.g.

<div class="fieldWithErrors">
<input id="task_description" name="task[description]" size="30" 
type="text" value="" />
</div>

The issue with my task and project is that the validation errors are added for the projectattribute on the Task instance; but there isn't an HTML form field called task[project]: the drop-down is actually called task[project_id]. I tried to create a select element called task[project] instead, but this doesn't work (ActiveRecord complains that it is expecting a Project and you supplied a String).

My solution is to copy any project error for the Task to an error for project_id. I did this in the model, in the after_validation callback, like this:

class Task < ActiveRecord::Base
  belongs_to :project
  validates_presence_of :project
  validates_associate :project

  def after_validation
    project_error = errors.on(:project)
    errors.add(:project_id, project_error) if project_error
  end
end

This works fine: now any errors for the project are reflected onto project_id, so the task[project_id] drop-down box gets the error <div> (with class attribute set to "fieldWithErrors") wrapped around it. However, this doesn't feel quite right, and it makes me think I'm missing something. Is there some Rails voodoo I've overlooked which can be used to do this more cleanly?

Syndicate content